Allowing VLAN traffic when OpenVPN client is connected

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech

melindro
OpenVpn Newbie
Posts: 1
Joined: Thu Apr 21, 2022 3:17 pm

Allowing VLAN traffic when OpenVPN client is connected

Post by melindro » Thu Apr 21, 2022 3:28 pm

Hi,

I have a network setup at home with multiple VLANs. Here's the breakdown:

- Main LAN is 192.168.10.0/24
- A work VLAN is 192.168.20.0/24
- A third "guest" VLAN on 192.168.30.0/24

For now traffic can travel through VLANs as this is how I have the router set up until I isolate them.

Now, on my main LAN network I have a Raspberry Pi which has an OpenVPN client config to route all its internet traffic through the VPN. This works as expected.

Here's the issue I am having though:

- When the OpenVPN client is active, I can connect to the Raspberry Pi from any other machine within the main LAN (192.168.10.0/24)
- When the OpenVPN client is active, I cannot connect to the Raspberry Pi from any other machine within the other VLANs (192.168.20.0/24 and 192.168.30.0/24)
- When the OpenVPN client is not active, I can connect to the Pi from all VLANs in the network.

Since I have an AdGuard Home DNS server on the Raspberry Pi which I'd also like to access from my work VLAN, I cannot currently do that since I'd have to bring the VPN client down, which I do not want for privacy reasons.

Looking at my route tables this is what I have with the OpenVPN client disconnected:

```
ip route show
default via 192.168.10.1 dev eth0 proto dhcp src 192.168.10.36 metric 202
192.168.10.0/24 dev eth0 proto dhcp scope link src 192.168.10.36 metric 202
```

And this is what it looks like when my OpenVPN client is connected:

```
$ ip route show
0.0.0.0/1 via 10.2.112.1 dev tun0
default via 192.168.10.1 dev eth0 proto dhcp src 192.168.10.36 metric 202
10.2.112.0/24 dev tun0 proto kernel scope link src 10.2.112.203
128.0.0.0/1 via 10.2.112.1 dev tun0
192.168.10.0/24 dev eth0 proto dhcp scope link src 192.168.10.36 metric 202
195.246.120.41 via 192.168.10.1 dev eth0
```

What I suspect is happening is that when the client is on, traffic can come in from 192.168.20.0/24 for example, but then gets somehow routed through the VPN interface instead of eth0.

What route should I add in my setup so that all traffic coming from other VLANs gets routed through eth0 as it normally would? Happy to add more than one rule for VLAN, or a single one using 192.168.0.0/16. This is of course assuming my theory is correct. Unfortunately I am not a networking expert so I find myself slightly out of my depth.

Any help would be appreciated!

mfdellinger
OpenVpn Newbie
Posts: 1
Joined: Sat Feb 24, 2024 11:23 pm

Re: Allowing VLAN traffic when OpenVPN client is connected

Post by mfdellinger » Sat Feb 24, 2024 11:29 pm

Were you able to solve this routing issue? I have the exact same problem and I cannot find an answer anywhere. I have disabled firewalls and added routes but I cannot get other machines on different VLAN subnets to connect to my Raspberry Pi while it is running an OpenVPN client. Once I terminate the OpenVPN client, everything across all the VLANs can connect without any issue...
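Added example, not part of either post: a longest-prefix-match lookup over the two routing tables quoted in the first post, showing which interface the Pi picks for replies to a work-VLAN host. The client address 192.168.20.5 and the two routes in `FIX` are assumptions made for illustration; they do not come from the thread.

```python
import ipaddress

# Tables copied from the first post: VPN client down, then connected.
VPN_DOWN = """\
default via 192.168.10.1 dev eth0 proto dhcp src 192.168.10.36 metric 202
192.168.10.0/24 dev eth0 proto dhcp scope link src 192.168.10.36 metric 202
"""
VPN_UP = VPN_DOWN + """\
0.0.0.0/1 via 10.2.112.1 dev tun0
10.2.112.0/24 dev tun0 proto kernel scope link src 10.2.112.203
128.0.0.0/1 via 10.2.112.1 dev tun0
195.246.120.41 via 192.168.10.1 dev eth0
"""
# Candidate fix (assumption, not from the thread): more specific routes that
# send the other VLANs back through the LAN router instead of the tunnel.
FIX = """\
192.168.20.0/24 via 192.168.10.1 dev eth0
192.168.30.0/24 via 192.168.10.1 dev eth0
"""

def parse_routes(text):
    """Parse `ip route show` lines into (network, device, metric) tuples.
    Handles only key/value options, which is all the quoted tables contain."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        opts = dict(zip(fields[1::2], fields[2::2]))
        routes.append((ipaddress.ip_network(dest), opts["dev"],
                       int(opts.get("metric", 0))))
    return routes

def lookup(routes, addr):
    """Return the egress device: longest prefix wins, then lowest metric."""
    ip = ipaddress.ip_address(addr)
    hits = [r for r in routes if ip in r[0]]
    best = max(hits, key=lambda r: (r[0].prefixlen, -r[2]), default=None)
    return best[1] if best else None

if __name__ == "__main__":
    client = "192.168.20.5"  # constructed work-VLAN host
    for name, table in (("VPN down", VPN_DOWN), ("VPN up", VPN_UP),
                        ("VPN up + fix", VPN_UP + FIX)):
        print(f"{name}: reply to {client} leaves via "
              f"{lookup(parse_routes(table), client)}")
```

With the VPN up, 192.168.20.0/24 falls inside 128.0.0.0/1, so replies leave via tun0 even though the request arrived on eth0; only 192.168.10.0/24 has a more specific route. In an OpenVPN client config the assumed routes can be written as `route 192.168.20.0 255.255.255.0 net_gateway` (one line per VLAN); neither poster has confirmed this on their setup.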